
NBAR

cannone78
Level 1

Hi all,

I have this scenario:

client ---Router---web server

I'd like to configure a policy with a class that matches protocol http url (NBAR) and apply it outbound towards the web server on the Router. The question is: does it match only the HTTP request for that URL, or the reply too? I'm very confused, since I don't understand whether NBAR uses inspection to classify traffic in both directions, even if the policy is applied only outbound.

Can I match a URL by applying my policy inbound?

Many thanks in advance for your support

Regards


Giuseppe Larosa
Hall of Fame

Hello Gianluca,

NBAR will work in only one direction, depending on the direction in which you apply the service-policy that uses the class-map that calls the NBAR feature with match protocol.

Be aware that at L4

match protocol http

is only able to match traffic from client to server, which is equivalent to

access-list 121 permit tcp any any eq 80

The return traffic is not HTTP; here TCP 80 is the source port:

access-list 122 permit tcp any eq 80 any

There was another thread about this.

I would suggest using it on the interface between client and router, so that you can shape on the outgoing interface based on the marking you do on the client-to-router interface:

two service-policies, one used to mark in the client-to-router direction and the other used outbound on the interface to the web server.

Hope to help

Giuseppe
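The two-policy layout suggested in the reply above, written out as an added IOS configuration example that is not part of the original thread. The interface names, the URL pattern, the DSCP value, the shaping rate and all class-map and policy-map names are assumptions chosen for illustration.

```cisco
! Added example: every name and value below is an assumption, not taken from the thread.
!
! 1) Classify with NBAR where the HTTP request enters the router
!    (client-facing interface), and mark the matching packets.
class-map match-all CM-HTTP-URL
 ! Hypothetical URL pattern; NBAR matches it in the client-to-server request
 match protocol http url /downloads/*
!
policy-map PM-MARK-IN
 class CM-HTTP-URL
  ! Hypothetical marking value carried to the egress policy
  set dscp af21
!
! 2) On the interface towards the web server, match on the marking
!    only (no NBAR needed here) and shape.
class-map match-all CM-MARKED
 match dscp af21
!
policy-map PM-SHAPE-OUT
 class CM-MARKED
  ! Hypothetical rate in bits per second
  shape average 512000
!
! Client-facing interface (assumed name): marking policy applied inbound
interface GigabitEthernet0/0
 description Towards client
 service-policy input PM-MARK-IN
!
! Server-facing interface (assumed name): shaping policy applied outbound
interface GigabitEthernet0/1
 description Towards web server
 service-policy output PM-SHAPE-OUT
```

`show policy-map interface GigabitEthernet0/0 input` and `show policy-map interface GigabitEthernet0/1 output` display per-class packet counters, which confirm whether the URL class and the marked class are being hit.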

Hi Giuseppe,

thanks for your support.

Gianluca
